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What is claimed is: 

1 1 . A computer-implemented method for managing sensitive data in a point-of-sale 

2 terminal having a first memory element, a processor having a register, a security circuit, 

3 and a power supply circuit arranged to provide power from a first power source when 

4 power is available from the first source and from a second power source when power is 

5 unavailable from the first source, comprising: 

6 storing sensitive data in the first memory element; 

7 upon loss of power from the first source, switching to power from the second 

8 source, copying the sensitive data from the first memory element to the register, and 

9 erasing the sensitive data from the first memory element; and 

10 upon detecting an attack on the terminal, erasing the sensitive data from the first 

1 1 memory element and from the register. 

1 2 . The method of claim 1 , further comprising upon reapplication of power from the 

2 first source, copying the sensitive data from the register to the RAM. 

1 3 . The method of claim 2, wherein the sensitive data includes a general encryption 

2 key. 

1 4. The method of claim 3 , wherein the first memory element is RAM internal to the 

2 processor, and the terminal further includes a second memory element that is a RAM 

3 external to the processor, the method further comprising: 

4 generating encrypted data using the general encryption key; and 
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5 storing the encrypted data in the second memory element. 

1 5. The method of claim 4, further comprising: 

2 generating a random value; 

3 storing the random value in the first memory element; 

4 encrypting the random value as a marker value using the general encryption key; 

5 storing the marker value in the second memory element; and 

6 upon application of power from the first source, generating a temporary marker 



7 value from the random value stored in the first memory element and the general 

8 encryption key, wherein an attack is detected if the temporary marker value is not equal to 

9 the marker value in the second memory element. 

1 6. The method of claim 1 , wherein the sensitive data includes a general encryption 

2 key. 

1 7 . The method of claim 6, wherein the first memory element is RAM internal to the 

2 processor, and the terminal further includes a second memory element that is a RAM 

3 external to the processor, the method further comprising: 

4 generating encrypted data using the general encryption key; and 

5 storing the encrypted data in the second memory element. 

1 8. The method of claim 7, further comprising: 

2 generating a random value; 

3 storing the random value in the first memory element; 

4 encrypting the random value as a marker value using the general encryption key; 
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5 storing the marker value in the second memory element; and 

6 upon application of power from the first source, generating a temporary marker 

7 value from the random value stored in the first memory element and the general 

8 encryption key, wherein an attack is detected if the temporary marker value is not equal to 

9 the marker value in the second memory element. 



1 9. An apparatus for managing sensitive data in a point-of-sale terminal having a first 

2 memory element, a processor having a register, a security circuit, and a power supply 

3 circuit arranged to provide power from a first power source when power is available from 

4 the first source and from a second power source when power is unavailable from the first 

5 source, comprising: 

6 means for storing sensitive data in the first memory element; 

7 means, responsive to a loss of power from the first source, for switching to power 

8 from the second source, copying the sensitive data from the first memory element to the 

9 register, and erasing the sensitive data from the first memory element; and 

10 means for detecting an attack on the terminal; and 

1 1 means for erasing the sensitive data from the first memory element and from the 

12 register in response to an attack on the terminal. 

1 10. A circuit arrangement providing for erasure of sensitive data, comprising: 

2 a first memory element; 

3 a register; 

4 a security circuit configured to detect a security threat to the circuit arrangement 

5 and generate a first signal upon detection of a security threat; 
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6 a power supply coupled to the first memory element, the register, and the security 

7 circuit, the power supply arranged to provide power from a first power source when power 

8 is available from the first source and from a second power source when power is 

9 unavailable from the first source; and 

10 a processor coupled to the RAM, the register, the security circuit and the power 

1 1 supply, the processor configured to store sensitive data in the RAM when power is 

12 available from the first source, and upon application of power from the second power 

13 source copy the sensitive data from the RAM to the register and erase the sensitive data 

14 from the RAM. 

1 1 1 The circuit arrangement of claim 10, wherein the processor is further configured to 

2 copy the sensitive data from the register to the RAM upon reapplication of power from the 

3 first source. 

1 12. The circuit arrangement of claim 1 1 , wherein the sensitive data includes a general 

2 encryption key. 

1 13. The circuit arrangement of claim 1 2, wherein the first memory element is RAM 

2 internal to the processor, and further comprising: 

3 a second memory element that is a RAM external and coupled to the processor; 

4 and 

5 wherein the processor is further configured to generate encrypted data using the 

6 general encryption key and store the encrypted data in the second memory element. 
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1 14. The circuit arrangement of claim 1 3 , wherein the processor is further configured to 

2 generate a random value and store the random value in the first memory element, encrypt 

3 the random value as a marker value using the general encryption key and store the marker 

4 value in the second memory element, and upon application of power from the first source, 

5 generate a temporary marker value from the random value stored in the first memory 

6 element and the general encryption key, detect an attack if the temporary marker value is 

7 not equal to the marker value in the second memory element. 
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